<?php
!defined('M_P') && exit('Forbidden');
!$winduid && Showmsg('not_login');
require_once(R_P.'require/showimg.php');
list($faceimg) = showfacedesign($winddb['icon'],1,'s');

$db_perpage = 10;
$do = Char_cv(GetGP('do'));
if ($u = (int)GetGP('u')) {
	$do = 'view';
	$uid = $u;
} else {
	$uid = $winduid;
}

if ($do == 'post') {
	define('AJAX','1');
/**
* 禁止受限制用户发言
*/
	banUser();
	InitGP(array('id','source','encode','tosign'));
	$ruid = 0;$minLenText = 3;$maxLenText = 255;


	$text = GetGP('text','P');
	if (!CkInArray(strtolower($encode),array('gbk','utf8','big5'))) {
		$encode = $charset;
	} elseif ($charset != $encode) {
		$text = pwConvert($text,$charset,$encode,true);
	}
	$text = trim(Char_cv($text));
	$textlen = strlen($text);
	$textlen < $minLenText && Showmsg('mode_o_write_textminlen');
	$textlen > $maxLenText && Showmsg('mode_o_write_textmaxlen');

	if(@include(D_P."data/bbscache/wordsfb.php")){
		if ($wordsfb) {
			foreach ($wordsfb as $key => $value) {
				$banword = (string) stripslashes($key);
				if (strpos($text,$banword)!==false) {
					Showmsg('content_wordsfb');

				}
			}
		}
		if ($replace) {
			foreach ($replace as $key => $value) {
				$banword = (string) stripslashes($key);
				if (strpos($text,$banword)!==false) {
					Showmsg('content_wordsfb');
				}
			}
		}
	}

	$firstchar = substr($text,0,1);
	switch ($firstchar) {
		case '@' :
			$uname = trim(substr($text,1,strpos($text,32)-1));
			$ruid = $db->get_value("SELECT uid FROM pw_members WHERE username=".pwEscape($uname));
			break;
		default :
			$ruid = (int)$id;
			$firstchar = '';
	}
	if ($ruid) {
		$rt = $db->get_one("SELECT uid FROM pw_friends WHERE uid=".pwEscape($winduid)."AND friendid=".pwEscape($ruid)."AND status='0' LIMIT 1");
		if (!$rt) {//只有好友才可以回复
			$ruid = 0;
		} elseif ($firstchar) {
			$text = ltrim(strstr($text,32));
			strlen($text) < $minLenText && Showmsg('mode_o_write_textminlen');
		}
	}

	$rt = $db->get_one("SELECT postdate,content FROM pw_owritedata WHERE uid=".pwEscape($winduid)."ORDER BY id DESC LIMIT 1");
	if ($rt['content'] == $text) {
		Showmsg('mode_o_write_sametext');
	} elseif ($timestamp - $rt['postdate'] < 30) {
		Showmsg('mode_o_write_timelimit');
	}


	$db_blogsource = array('web'=>1,'other'=>1);//通过哪种客户端发表

	if (empty($source)) {
		$source = 'web';
	} elseif (!isset($db_blogsource[$source])) {
		$source = 'other';
	}

	$db->update("INSERT INTO pw_owritedata SET"
		. pwSQLSingle(array(
			'uid'		=> $winduid,
			'touid'		=> $ruid,
			'postdate'	=> $timestamp,
			'isshare'	=> 0,
			'source'	=> $source,
			'content'	=> $text
		)));
	$f_id = $db->insert_id();
	if (getstatus($winddb['userstatus'],20,3) != 2) {
		pwAddFeed($winduid, 'write',$f_id, array('lang' => 'o_write', 'text' => $text));
	}
	if ($tosign && $winddb['honor'] != stripslashes($text)) {
		$db->update("UPDATE pw_members SET honor=".pwEscape($text)." WHERE uid=".pwEscape($winduid));
	}
	countPosts('+1');
	Showmsg('mode_o_write_success');

} elseif ($do == 'del') {
	define('AJAX','1');
	$id = (int)GetGP('id');
	if ($groupid != 3) {
		$sql = "AND uid=".pwEscape($winduid);
	} else {
		$sql = '';
	}
	$db->update("DELETE FROM pw_owritedata WHERE id=".pwEscape($id).$sql);
	if ($db->affected_rows() == 0) {
		Showmsg('mode_o_write_del_error');
	} else {
		$affected_rows = delAppAction('write',$id)+1;
		countPosts("-$affected_rows");
		Showmsg('mode_o_write_del');
	}
} elseif ($do == 'my') {
	$writedata = array();
	$count = $db->get_value("SELECT COUNT(*) FROM pw_owritedata WHERE touid=".pwEscape($winduid));
	if ($count) {
		$page = (int)GetGP('page');
		list($pages,$limit) = pwLimitPages($count,$page,"{$basename}q=write&do=my&");

		$query = $db->query("SELECT w.*,m.username,m.icon,m.groupid FROM pw_owritedata w LEFT JOIN pw_members m ON w.uid=m.uid WHERE w.touid=".pwEscape($winduid)."ORDER BY w.id DESC $limit");
		while ($rt = $db->fetch_array($query)) {
			if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
				$rt['content'] = appShield('ban_write');
			}
			list($rt['postdate']) = getLastDate($rt['postdate']);
			list($rt['icon']) = showfacedesign($rt['icon'],1,'s');
			if ($rt['touid'] && $rt['username']) {
				$rt['content'] = '<a href="'.$basename.'q=user&u='.$val[uid].'">'.$val[username].'</a> @<a href="'.$basename.'q=user&u='.$winduid.'">'.$windid.'</a> '.$rt['content'];
			}
			$writedata[] = $rt;
		}
	}
	$username = $windid;
} elseif ($do == 'view') {
	if ($u && $u != $winduid) {
		$uinfo = $db->get_one("SELECT m.uid,m.username,m.icon,m.groupid,ud.index_privacy,ud.owrite_privacy FROM pw_members m LEFT JOIN pw_ouserdata ud ON m.uid=ud.uid WHERE m.uid=".pwEscape($u,false));
		list($isU,$privacy) = pwUserPrivacy($u,$uinfo);
		if (!$privacy['owrite']) {
			Showmsg('mode_o_write_right');
		}
		$username = $uinfo['username'];
		$pageurl = "{$basename}q=write&do=view&u=$u";
	} else {
		$u = (int)$winduid;
		$uinfo = $winddb;
		$username = $windid;
		$pageurl = "{$basename}q=write&do=view&";
	}
	list($faceimg) = showfacedesign($uinfo['icon'],1,'s');
	$writedata = array();
	$count = $db->get_value("SELECT COUNT(*) FROM pw_owritedata WHERE uid=".pwEscape($u,false));
	if ($count) {
		$page = (int)GetGP('page');
		list($pages,$limit) = pwLimitPages($count,$page,$pageurl);

		$query = $db->query("SELECT w.*,m.username,m.groupid FROM pw_owritedata w LEFT JOIN pw_members m ON w.touid=m.uid WHERE w.uid=".pwEscape($u,false)."ORDER BY w.id DESC $limit");
		while ($rt = $db->fetch_array($query)) {
			if ($uinfo['groupid'] == 6 && $db_shield && $groupid != 3) {
				$rt['content'] = appShield('ban_write');
			}
			list($rt['postdate']) = getLastDate($rt['postdate']);
			if ($rt['touid'] && $rt['username']) {
				$rt['content'] = '@<a href="'.$basename.'q=user&u='.$rt['touid'].'">'.$rt['username'].'</a> '.$rt['content'];
			}
			$writedata[] = $rt;
		}
	}
} else {//HOME
	$friends = array($winduid);
	$query = $db->query("SELECT friendid FROM pw_friends WHERE uid=".pwEscape($winduid)."AND status=0");
	while ($rt = $db->fetch_array($query)) {
		$friends[] = $rt['friendid'];
	}
	$writedata = $touids = array();
	$count = $db->get_value("SELECT COUNT(*) FROM pw_owritedata WHERE uid IN (".pwImplode($friends,false).")");
	if ($count) {
		require_once(R_P.'require/showimg.php');
		$page = (int)GetGP('page');
		list($pages,$limit) = pwLimitPages($count,$page,"{$basename}q=write&");
		$query = $db->query("SELECT w.*,m.username,m.icon,m.groupid FROM pw_owritedata w LEFT JOIN pw_members m ON w.uid=m.uid WHERE w.uid IN (".pwImplode($friends,false).") ORDER BY w.id DESC $limit");
		while ($rt = $db->fetch_array($query)) {
			if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
				$rt['content'] = appShield('ban_write');
			}
			$rt['touid'] && $touids[$rt['touid']] = $rt['touid'];
			list($rt['postdate']) = getLastDate($rt['postdate']);
			list($rt['icon']) = showfacedesign($rt['icon'],1,'s');
			$writedata[] = $rt;
		}
		if ($touids) {
			$query = $db->query("SELECT uid,username FROM pw_members WHERE uid IN (".pwImplode($touids,false).")");
			while ($rt = $db->fetch_array($query)) {
				$touids[$rt['uid']] = $rt['username'];
			}
		}
	}
	$username = $windid;
}
require_once(R_P.'require/header.php');
require_once PrintEot('m_write');footer();

function pwLimitPages($count,$page,$pageurl) {
	global $db_perpage,$db_maxpage;
	require_once (R_P.'require/forum.php');
	$numofpage = ceil($count/$db_perpage);
	$numofpage = $numofpage > $db_maxpage ? $db_maxpage : $numofpage;
	$page < 1 ? $page = 1 : ($page > $numofpage ? $page = $numofpage : null);
	$pages = numofpage($count,$page,$numofpage,$pageurl,$db_maxpage);
	$limit = pwLimit(($page-1) * $db_perpage,$db_perpage);
	return array($pages,$limit);
}
?>